CVE-2022-31011

Name of the Vulnerable Software and Affected Versions TiDB version 5.3.0

Description TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access.

Recommendations For TiDB version 5.3.0, upgrade to TiDB 5.3.1 or higher version to resolve the issue. As a temporary workaround, consider turning off Security Enhanced Mode (SEM) until a patch is applied. Additionally, disable local login for non-root accounts and ensure that the same IP cannot be logged in as root and normal user at the same time to minimize the risk of exploitation.